[unisog] fw: insecure wireless LAN deployment at .edu
bdc1 at humboldt.edu
Fri Jan 25 20:55:33 GMT 2002
On 25 Jan 2002, at 10:47, H. Morrow Long wrote:
What type of authentication system are your POP3 accounts and passwords stored in?
Unix local passwd/shadow files?
NIS/NIS+? Netscape or other LDAP? NT or W2K AD domain?
---No. (Except that we DO have a special purpose LDAP) W2K AD
---is a whole different can-o-worms for us!
Yale keeps parallel Kerberos 5 and Windows 2000 AD accounts (called the Yale NetID)
in synch and are able to serve out authentication requests against the NetID/password
via a variety of authentication protocols :
---I'm hoping that there is a way for us to keep /etc/passwd and
Kerberos 5 or Radius or TACACS :"in sync." ??
We require MAC address registration for both residential room connections as well as
---We also require MAC address registration, but don't enforce
authentication. (have considered NetReg though)
Typically most students (and this would apply
to desktop PC/Mac faculty users) are (and would be) assigned a semi-permanent (for 1 year)
"home" IP address on the subnet on which the computer would sit while at Yale most of the
---Ugh. Does this require lots of FTE hours to manage?
Humboldt State University
c/o Telecommunications & Network Services
1 Harpst St. Arcata, CA 95521
Email: bdc1 at humboldt.edu
Sure I'll buy the Internet. How 'bout a trade...
More information about the unisog